RPA SUPERVISOR TECHNICAL OVERVIEW
Below is a technical overview of the RPA Supervisor (RPAS).
Depending on several decision criteria (see below) RPAS can either be installed as an on-premise Full installation or as a Minimal installation.
The illustration below shows how an on-premise deployment integrates with a typical Blue Prism production environment.
RPAS specific components are marked with green while existing Blue Prism infrastructure is marked black. Arrows indicate connected components.
A full installation of the RPA Supervisor consists of the following components:
RPAS Server, a Web Application that:
- Serves the user interface
- Prioritizes and controls the processes in Blue Prism
- Hosted on a standard windows web server (IIS) accessible for all RPAS users
RPAS Blue Prism Adapter, a Windows Service that:
- Reads information from the Blue Prism Database and relays it to the RPAS Server
- Receives commands from the RPAS Server and relays them to Blue Prism
- Is hosted on the same machine as the Blue Prism Application Server
- An MS SQL database used by the RPAS Server to store data.
In the illustration above the RPAS Server is hosted on its own virtual machine. This provides the highest performance and the best network access segregation. This is letting you separate the RPAS server from the Blue Prism environment and you can more safely expose it to the rest of the organization.
For smaller RPA environments we recommend a Minimal Installation.
The illustration below shows a Minimal Installation, where RPAS integrates with a typical Blue Prism production environment, with a single Blue Prism Application Server and database. Below we have listed typical criteria to base the architecture decision on.
Minimal vs full installation
The following table set out the typical criteria to which base the architecture installation decision on.
The RPAS Server requires the following component specifications:
RPAS Blue Prism Adapter
RPAS Blue Prism Adapter runs on the Blue Prism Application Server. Blue Prism hardware requirements are enough, so no hardware changes are required.
RPAS Database Server Requirements
If desired, you can also set up a new server for the RPAS Database. The RPAS Database has the following server requirements.
RPAS Database - minimum and recommended requirements.
The RPAS Server must be open for inbound connections from users. By configuring your network, you can decide how open you want the server to be for such connections.
- Only accepting SSL encrypted connections.
- Communicating with the Adapter using WebSocket Secure (WSS) (component is authorized
using Json Web Tokens (JWT), encrypted using the HMAC-SHA256 algorithm.)
- Authentication based on the internal system of users stored in the RPAS database with a username
- Authentication system is based on JSON Web Tokens
RPAS Blue Prism Adapter
Communication with the RPAS Blue Prism Adapter is done using encrypted channels (SSL). The Adapter only makes outbound connections. There is no way to connect to the Blue Prism Adapter externally.
Enabling SSO to access Blue Prism
If you enable SSO to access Blue Prism and the Blue Prism Database, the Adapter will use the same security as provided by Windows Single Sign-On
Not enabling SSO to access Blue Prism
If not using the SSO for accessing Blue Prism and the Blue Prism Database, user credentials for these logins are stored with AES 256-bit encryption in configuration files to conceal them. The encryption key is stored within the Blue Prism Adapter software.
By design, no customer or GDPR sensitive data from the Blue Prism operations is needed for the RPAS to function.
All data is encrypted using Rijndael256, commonly known as Advanced Encryption Standard (AES) 256-bit.